Huawei HarmonyOS and EMUI Licensing Issues Vulnerability

2023-10-1100:00:00

China National Vulnerability Database

www.cnvd.org.cn

huawei

harmonyos

emui

authorization issue

vulnerability

lax permission checks

window management

abnormal operation

cnvd

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.3%

JSON

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel.Huawei EMUI is a user interface developed by Huawei based on the Android operating system. Huawei HarmonyOS and EMUI suffer from an authorization issue vulnerability that stems from the presence of lax permission checks in the window management module. An attacker can exploit this vulnerability to cause a function to operate abnormally.

CPENameOperatorVersion
huawei emuieq11.0.1
huawei emuieq12.0.0
huawei emuieq12.0.1
huawei emuieq13.0.0
huawei harmonyoseq2.0.0
huawei harmonyoseq2.0.1
huawei harmonyoseq2.1.0
huawei harmonyoseq3.0.0
huawei harmonyoseq3.1.0

Name	Operator	Version
huawei emui	eq	11.0.1
huawei emui	eq	12.0.0
huawei emui	eq	12.0.1
huawei emui	eq	13.0.0
huawei harmonyos	eq	2.0.0
huawei harmonyos	eq	2.0.1
huawei harmonyos	eq	2.1.0
huawei harmonyos	eq	3.0.0
huawei harmonyos	eq	3.1.0